Oval Definition:oval:com.redhat.rhsa:def:20202529
Revision Date:2020-06-11Version:635
Title:RHSA-2020:2529: tomcat6 security update (Important)
Description:Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

Security Fix(es):

  • tomcat: deserialization flaw in session persistence storage leading to RCE (CVE-2020-9484)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2020-9484
    RHSA-2020:2529
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • tomcat6 is earlier than 0:6.0.24-115.el6_10
  • AND tomcat6 is signed with Red Hat redhatrelease2 key
  • tomcat6-admin-webapps is earlier than 0:6.0.24-115.el6_10
  • AND tomcat6-admin-webapps is signed with Red Hat redhatrelease2 key
  • tomcat6-docs-webapp is earlier than 0:6.0.24-115.el6_10
  • AND tomcat6-docs-webapp is signed with Red Hat redhatrelease2 key
  • tomcat6-el-2.1-api is earlier than 0:6.0.24-115.el6_10
  • AND tomcat6-el-2.1-api is signed with Red Hat redhatrelease2 key
  • tomcat6-javadoc is earlier than 0:6.0.24-115.el6_10
  • AND tomcat6-javadoc is signed with Red Hat redhatrelease2 key
  • tomcat6-jsp-2.1-api is earlier than 0:6.0.24-115.el6_10
  • AND tomcat6-jsp-2.1-api is signed with Red Hat redhatrelease2 key
  • tomcat6-lib is earlier than 0:6.0.24-115.el6_10
  • AND tomcat6-lib is signed with Red Hat redhatrelease2 key
  • tomcat6-servlet-2.5-api is earlier than 0:6.0.24-115.el6_10
  • AND tomcat6-servlet-2.5-api is signed with Red Hat redhatrelease2 key
  • tomcat6-webapps is earlier than 0:6.0.24-115.el6_10
  • AND tomcat6-webapps is signed with Red Hat redhatrelease2 key
    • BACK